<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

function hasPermission($uri,$posid){
	if ($posid==0) return true; else {
		$permissions = array(array('mgmt\/addUser','mgmt\/addDeal'),
							 array('mgmt\/addDeal'),
							 array('mgmt\/allCategories','mgmt\/addCategory','mgmt\/allADeals','mgmt\/addAdeal','mgmt\/allComments')
							 );
		
		

		$found = false;
		for ($j=0;$j<count($permissions[$posid-1]);$j++) {
					if (preg_match("/^".$permissions[$posid-1][$j]."/", $uri)!=0) {
						$found = true;
						break;
					}
				}
		if ($found) return true;

		for ($i=0;$i<3;$i++) 
			if (($i+1)!=$posid) {
			for ($j=0;$j<count($permissions[$i]);$j++) {
					if (preg_match("/^".$permissions[$i][$j]."/", $uri)!=0) {
						$found = false;
						for ($k=0;$k<count($permissions[$posid]);$k++) {
							if ($permissions[$i][$j]==$permissions[$posid][$k]) {
								$found = true;
								break;
							}
						}
						if (!$found) return false;
					}
				}
			}		
			
		return true;
	}
}